def updateFriendDetails(safe, profileId, mask, avatar=None, alias=None):
"""
Set localiased friend details (avatar and alias).
NOTE: setting avatar evaluates and sets new checksum value
@param safe: crypto box
@param profileId: logged in profile ID
@param mask: friend's local (masked) user ID
@param avatar: friend's avatar data
@param alias: friend's alias
@return: (Boolean) Success of update if avatar is None, else checksum value
"""
if avatar is None and alias is None:
return False
checksum = None
con = getCursor()
if avatar:
checksum = bytes(sha1(avatar).hexdigest(), encoding='ascii')
con.execute("UPDATE friends SET checksum=?, avatar=? WHERE profile_id=? AND friend_mask=?",
list(encrypt(safe, checksum, avatar)) + [profileId, mask])
if alias:
con.execute("UPDATE friends SET alias=? WHERE profile_id=? AND friend_mask=?",
list(encrypt(safe, alias)) + [profileId, mask])
return checksum or True
def storeAccount(phrase, uid, auth, alias):
"""
Store new account information
@param phrase: new passphrase as bytes
@param uid: user id
@param auth: authentication token
@param alias: user set alias for profile
@return: Profile ID of newly created profile and safe
"""
con = getCursor()
# random phrase buffer
buffer = nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE)
# create safe (db encryption)
safe = SecretBox(b''.join((phrase, buffer[len(phrase) - 32:])))
# create new signing_key and verify_key (message signing)
skey = nacl.signing.SigningKey.generate()
# create new private and public key (message encryption)
mkey = PrivateKey.generate()
con.execute("INSERT INTO profiles (uid, auth, signing_key, verify_key, private_key, public_key, buffer, alias) "
"VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
list(encrypt(safe, uid, auth, skey._seed, skey.verify_key.encode(encoder=nacl.encoding.HexEncoder),
mkey._private_key, mkey.public_key._public_key)) + [buffer, alias])
profileId = con.lastrowid
return profileId, safe
def updateAccount(safe, profileId, auth):
"""
Update profile information with new auth token
@param safe: crypto box
@param profileId: profile ID of logged in user
@param auth: Authentication token
"""
con = getCursor()
con.execute("UPDATE profiles SET auth=? WHERE ROWID=?", list(encrypt(safe, auth)) + [profileId])
def storeHistory(safe, profileId, mask, message, fromFriend, timestamp=None):
"""
Store messages in database
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: friend's masked ID
@param message: message to store
@param fromFriend: Message was sent by friend (True), instead of being sent by logged in user (False)
@param timestamp: Custom timestamp for received message, default uses current time
@return: inserted rowid
"""
con = getCursor()
if not timestamp:
con.execute("INSERT INTO history (profile_id, friend_mask, message, from_friend) VALUES (?, ?, ?, ?)",
[profileId, mask] + list(encrypt(safe, message, bytes(str(int(fromFriend)), encoding='ascii'))))
else:
con.execute("INSERT INTO history (profile_id, friend_mask, datestamp, message, from_friend) VALUES (?, ?, ?, ?, ?)",
[profileId, mask, timestamp] + list(encrypt(safe, message, bytes(str(int(fromFriend)), encoding='ascii'))))
return con.lastrowid
def setAddress(safe, profileId, mask, addr):
"""
Set address associated with masked friend ID
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: friend's uid mask
@param addr: address in form socket type:ip:port
"""
con = getCursor()
con.execute("INSERT INTO address (profile_id, friend_mask, address) VALUES (?, ?, ?)",
[profileId, mask] + list(encrypt(safe, addr)))
def updateFriendAuth(safe, profileId, mask, authToken=False, sentToken=False):
"""
Update authorisation tokens in local storage for given friend (mask).
If authToken or sentToken is False, the parameter set to False will not be updated.
If authToken or sentToken is None, the parameter set to None will be removed from local storage (set to '').
If authToken or sentToken is bytes object, the associated fields will be updated with provided bytes object
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: friend's uid mask
@param authToken: Authorisation token used for server commands requiring friend authorisation
@param sentToken: Authorisation token used by friend for server commands regarding us
"""
con = getCursor()
if authToken is not False:
con.execute("UPDATE friend_auth SET auth_token=? WHERE profile_id=? AND friend_mask=?",
list(encrypt(safe, authToken)) if authToken is not None else [b''] + [profileId, mask])
if sentToken is not False:
con.execute("UPDATE friend_auth SET sent_token=? WHERE profile_id=? AND friend_mask=?",
list(encrypt(safe, sentToken)) if sentToken is not None else [b''] + [profileId, mask])
def setFriendAuth(safe, profileId, mask, authToken, sentToken):
"""
Set profile's authorised mask associated with friend
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: mask of friend's original UID value (profile specific)
@param authToken: Authorisation token used for server commands requiring friend authorisation
@param sentToken: Authorisation token used by friend for server commands regarding us
"""
con = getCursor()
con.execute("INSERT INTO friend_auth (profile_id, friend_mask, auth_token, sent_token) VALUES (?, ?, ?, ?)",
[profileId, mask] + list(encrypt(safe, authToken, sentToken)))
def updateLocalProfile(safe, profileId, avatar=None, alias=None):
"""
Update profile's locally stored avatar and/or alias
@param safe: crypto box
@param profileId: profile ID of logged in user
@param avatar: avatar data to store. If str object, avatar will be taken as a path to a file, otherwise byte data assumed
@param alias: logged in user's alias
"""
con = getCursor()
if avatar:
con.execute("UPDATE profiles SET avatar=? WHERE ROWID=?", list(encrypt(safe, avatar)) + [profileId])
if alias:
con.execute("UPDATE profiles SET alias=? WHERE ROWID=?", [alias, profileId])
def updateAddress(safe, profileId, mask, addr):
"""
Update address associated with masked friend ID
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: friend's uid mask
@param addr: address in form of socket type:ip:port
"""
con = getCursor()
con.execute("SELECT count(profile_id) FROM address where profile_id=? and friend_mask=?", (profileId, mask))
if int(con.fetchone()[0]):
con.execute("UPDATE address SET address=? WHERE profile_id=? AND friend_mask=?",
list(encrypt(safe, addr)) +[profileId, mask])
else:
setAddress(safe, profileId, mask, addr)
def setUidMask(safe, profileId, uid):
"""
Set new mask value for given user ID
@param safe: crypto box
@param profileId: profile ID of logged in user
@param uid: user ID to mask
@return: localised masked ID for friend
"""
con = getCursor()
fmask = str(uuid4())
con.execute("INSERT INTO friend_mask (profile_id, friend_mask, friend_uid) VALUES (?, ?, ?)",
[profileId, fmask] + list(encrypt(safe, uid)))
return fmask
def storeFileRequest(safe, profileId, outgoing, mask, request):
"""
Set file transfer request
@param safe: crypto box
@param profileId: logged in profile ID
@param outgoing: 1 (True) for file requests sent by logged in user, 0 (False) for received file transfer requests
@param mask: friend mask
@param request: (filename, size, checksum)
"""
fname, size, checksum = request
con = getCursor()
con.execute("INSERT INTO file_requests (profile_id, outgoing, friend_mask, filename, checksum, filesize, datestamp) "
"VALUES (?, ?, ?, ?, ?, ?, ?)", [profileId, outgoing, mask] + list(encrypt(safe, fname, checksum, size, bytes(str(datetime.utcnow()), encoding='ascii'))))
return con.lastrowid
def storeFriendRequest(safe, profileId, uid, message, address, outgoing):
"""
Store submitted friend request
@param safe: crypto box
@param profileId: profile ID of logged in user
@param uid: user ID request was sent to
@param message: original message sent with request
@param address: If incoming request, store address information
@param outgoing: 1 (True) if request sent by us, otherwise 0 (False) if received request
"""
con = getCursor()
# timestamp is created on insert
con.execute("INSERT INTO friend_requests (profile_id, outgoing, uid, address, message, datestamp) VALUES (?, ?, ?, ?, ?, ?)",
[profileId, outgoing] + list(encrypt(safe, uid, address, message,
bytes(str(datetime.utcnow()), encoding='ascii'))))
return con.lastrowid
def storeAuthority(safe, profileId, mask, signingKey, messageKey):
"""
Store new public key for uid (friend).
@param safe: crypto box
@param profileId: profile ID of logged in user
@param mask: localised mask of friend's ID
@param signingKey: friend's digital signature public key
@param messageKey: friend's message encryption public key
@return: True if successfully set, otherwise False if entry currently exists
"""
con = getCursor()
# try to insert new entry
try:
con.execute("INSERT INTO friends (profile_id, friend_mask, verify_key, public_key) VALUES (?, ?, ?, ?)",
[profileId, mask] + list(encrypt(safe, signingKey, messageKey)))
success = True
except IntegrityError:
# friend entry already exists
logging.error("Authority Error", "Trying to override current friends public key")
success = False
return success
